SSL is a cryptographic protocol that provides communication security over the Internet. SSL is often used to establish a secure connection over which a client and a server may exchange sensitive information such as usernames, passwords, social security numbers, credit card numbers and other financial information, or the like. Some encryption schemes require the client and the server to be preconfigured with a secret key that is used to encrypt and decrypt information. Encryption schemes that utilize such preconfigured secret keys are not suitable for secure information exchanges over the Internet because of the potentially millions of clients that have no prior secret key arrangement with the servers. SSL differs from some encryption schemes in that SSL does not require the client and the server to exchange a secret key before sensitive information can be exchanged over a secure channel, thereby making SSL particularly well-suited for information exchanges over the Internet.
SSL employs the use of asymmetric keys, which are defined in pairs of public and private keys. A key is a piece of information that is applied utilizing an algorithm to a string or block of unencrypted information to produce encrypted information, or to decrypt encrypted information. A public key is made freely available to anybody. A private key is known only to the server. Information encrypted by the client using the public key can be decrypted only by the server's private key. In this manner, the client can send information securely to the server without concern that the information will be decrypted by another party. Also, data encrypted by the server's private key can only be decrypted using the public key.
An SSL certificate is a digital computer file that utilizes a digital signature to bind a public key with an identity of a person or organization that owns a Web site or other resource. An SSL certificate may contain, in addition to the public key, information about the owner such as a domain name, server name, hostname, company name, company location, duration of validity, certificate usage, distinguished name, and/or common name. An SSL certificate may also include information about the certificate authority (“CA”) that issued the certificate. An SSL certificate may be formatted according to a standard format, such as provided by X.509 or the like.